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Claims 

[d] A central encryption management system, comprising: 
a plurality of communications terminals for performing 
data communications; 

an encryption apparatus which can be connected be- 
tween the plurality of communications terminals; the ap- 
paratus including encryption/decryption means for per- 
forming an encrypting process and a decrypting process 
on data to terminate encryption-based security between 
the encryption apparatus and the communications ter- 
minal having the encrypting capability; and 
a manager terminal for inputting various information for 
controlling encrypted-data communications into each of 
the encryption apparatus and the communications ter- 
minals remotely from the manager terminal over a net- 
work, so that settings for the encrypted data communi- 
cations on each of the apparatus and the terminals are 
completed, 

wherein the various information includes at least one of 
the presence/absence of the encrypting/decrypting pro- 
cess, the communicability indicating that a packet is dis- 
carded between specific terminals, the encryption level, 
the time period for the encryption, the encryption policy 



for each division; 

wherein the plurality of communications terminals, the 
manager terminal, and the encryption apparatus are 
connected via a cable or wireless network. 

[c2] The central encryption management system according to 
claim 1, 

wherein the encryption/decryption means performs the 
encrypting process and the decrypting process on data, 
so that the encryption apparatus receives and retrans- 
mits data in the form of encrypted data from and to the 
communications terminal having the encrypting capabil- 
ity, and the encryption apparatus receives and retrans- 
mits the data in the form of non-encrypted data from 
and to the communications terminal having no encrypt- 
ing capability. 

[c3] The central encryption management system according to 
claim 1, wherein the encryption apparatus further in- 
cludes bridge means for allowing data, which has been 
received with one of the plurality of ports of the encryp- 
tion apparatus and then on which the encrypting or de- 
crypting process has been performed, to be outputted as 
it is from another port without being performed any 
routing process. 

[c4] The central encryption management system according to 



claim 1, wherein the encryption apparatus further in- 
cludes setting information storage means for storing the 
information inputted from the manager terminal, in 
which the inputted information is used when controlling 
the encrypting process and the decrypting process, and 
the encryption apparatus controls the encrypting process 
and the decrypting process by comparing the informa- 
tion stored in the setting information storage means with 
header information of a data packet of the data received 
with one of the plurality of ports. 

A central encryption management system, comprising: 
a plurality of communications terminals for performing 
data communications; 

an encryption apparatus having a plurality of ports which 
can be connected between the plurality of communica- 
tions terminals, in which the encryption apparatus per- 
forms encrypting or decrypting process on data which 
has been received with one of the plurality of ports and 
then which has passed through a data link layer and a 
physical layer, and the encryption apparatus outputs the 
encrypted or decrypted data from another port through a 
data link layer and a physical layer without passing said 
data to a network layer in which routing between net- 
works is controlled; and 

a manager terminal for inputting various information for 



controlling encrypted -data communications into each of 
the encryption apparatus and the communications ter- 
minals remotely from the manager terminal over a net- 
work, so that a setting of each of the apparatus and ter- 
minals for communicating encrypted data is completed, 
wherein the various information includes at least one of 
the presence/absence of the encrypting/decrypting pro- 
cess, the communicability indicating that a packet is dis- 
carded between specific terminals, the encryption level, 
the time period for the encryption, the encryption policy 
for each division; 

wherein the plurality of communications terminals, the 
encryption apparatus, and the manager terminal are 
connected via a cable or wireless network. 

The central encryption management system according to 
claim 5, wherein the encryption apparatus further in- 
cludes setting information storage means for storing the 
information inputted from the manager terminal, in 
which the inputted information is used when controlling 
the encrypting process and the decrypting process, and 
the encryption apparatus controls the encrypting process 
and the decrypting process by comparing the informa- 
tion stored in the setting information storage means with 
header information of a data packet of the data received 
with one of the plurality of ports. 



